Hello Chet,
The default rule for my LAN currently is this:
Proto: Source: Port: Destination: Port:
* Lan net * * *
Since I have the destination set to "any" it should allow access to the DMZ,
correct? I did try this to the LAN as well:
Proto: Source: Port: Destination: Port:
* Lan net * DMZ *
But that had no effect. I looked in the static route config, but got a
little confused. HMmm....
Rodman
----- Original Message -----
From: "Chet Harvey" <chet at pittech dot com>
To: "Rodman Frowert" <frowertr at i dash 1 dot net>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, September 07, 2004 11:17 AM
Subject: Re: [m0n0wall] Unable to ping DMZ hosts from LAN
> You will have to add a allow rule from LAN to DMZ. The default LAN > any
> is to
> thw WAN interface. (going from memory here since I dont have a m0n0 in
> front of
> me.
>
> May need to add a static route too.
>
> Chet Harvey
> Pitbull Technologies <http://www.pittech.com/>
> Protecting your Digital Assets
> 703.407.7311
>
>
> Quoting Rodman Frowert <frowertr at i dash 1 dot net>:
>
>> Hey guys,
>>
>> I looked through the archives and didn't find any answers I thought would
>> be
>>
>> beneficial to me so I thought I would ask. I can't seem to ping anything
>> in
>>
>> the DMZ (other than my m0n0 DMZ interface) from my LAN. Now I can ping
>> DMZ
>> hosts from the m0n0 GUI, however.
>>
>> Is there something that is set that is preventing me from talking to DMZ
>> hosts from my LAN? I only have one LAN rule and it is the default rule
>> that
>>
>> was enabled with m0n0 was installed: Default LAN --> any. The DMZ rules
>> I
>> have set apply to what can come out of the DMZ only because this is my
>> hotspot.
>>
>> I would like to eventually put a webserver in my DMZ, so you can imagine
>> I
>> at least need telnet access to the machine from my LAN.
>>
>> My LAN is 192.168.1.x/24
>> My DMZ is 10.10.10.x/24
>>
>> What am I missing? Am I going to have to bridge these two to do what I
>> want
>>
>> to do?
>>
>> Rodman
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>